Which three statements are true about Cryptographically Generated Addresses for IPv6? (Choose three.)
Cryptographically Generated Addresses (CGA) is a method for generating IPv6 addresses that uses cryptography to verify the authenticity of the owner of an IPv6 address. It helps to prevent spoofing and stealing of existing IPv6 addresses.
The following are the true statements about CGA for IPv6:
A. They prevent spoofing and stealing of existing IPv6 addresses. CGA is used to generate IPv6 addresses that are unique and cannot be easily spoofed. CGA provides a way to verify that the owner of an IPv6 address is who they claim to be. It helps to prevent attacks such as ARP spoofing and IP address spoofing.
D. SHA or MD5 is used during their computation. CGA uses either SHA-1 or MD5 as the hash function during the computation process. The hash function is used to generate a hash value from the public key and other parameters.
F. The SHA-1 hash function is used during their computation. SHA-1 is one of the hash functions used in CGA to generate the hash value from the public key and other parameters. The hash value is used to create the Interface ID portion of the IPv6 address.
The other statements are false:
B. They are derived by generating a random 128-bit IPv6 address based on the public key of the node. CGA does not generate a random 128-bit IPv6 address based on the public key of the node. Instead, CGA generates an Interface ID that is used to form the IPv6 address. The Interface ID is computed using the public key and other parameters.
C. They are used for securing neighbor discovery using SeN. Secure Neighbor Discovery (SeND) is used to secure Neighbor Discovery in IPv6 networks. CGA is not used for securing neighbor discovery using SeND.
E. The minimum RSA key length is 512 bits. RSA is not used in CGA. CGA uses public key cryptography, but the algorithm used is not RSA. The minimum key length for the algorithm used in CGA is 1024 bits.